ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2024.0152
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2024-0152)
Resumen:	The remote host is missing an update for the 'opencryptoki' package(s) announced via the MGASA-2024-0152 advisory.
Descripción:	Summary: The remote host is missing an update for the 'opencryptoki' package(s) announced via the MGASA-2024-0152 advisory. Vulnerability Insight: A timing side-channel vulnerability has been discovered in the opencryptoki package while processing RSA PKCS#1 v1.5 padded ciphertexts. This flaw could potentially enable unauthorized RSA ciphertext decryption or signing, even without access to the corresponding private key. (CVE-2024-0914) Affected Software/OS: 'opencryptoki' package(s) on Mageia 9. Solution: Please install the updated package(s). CVSS Score: 5.4 CVSS Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2024-0914 RHBZ#2260407 https://bugzilla.redhat.com/show_bug.cgi?id=2260407 RHSA-2024:1239 https://access.redhat.com/errata/RHSA-2024:1239 RHSA-2024:1411 https://access.redhat.com/errata/RHSA-2024:1411 RHSA-2024:1608 https://access.redhat.com/errata/RHSA-2024:1608 RHSA-2024:1856 https://access.redhat.com/errata/RHSA-2024:1856 RHSA-2024:1992 https://access.redhat.com/errata/RHSA-2024:1992 https://access.redhat.com/security/cve/CVE-2024-0914 https://people.redhat.com/~hkario/marvin/
Copyright	Copyright (C) 2024 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.